Anna Danchenko

Bug Hunting with Status

Find bugs, get paid, learn more about Ethereum and Status by participating in the Status Bug Hunting sessions. For the first session we will select 5 applicants with testing experience to learn together. We will explore Status app and learn how to make such sessions a joy for any tester in the future :)

Each reported, unknown bug with high or medium severity will be rewarded with SNT (Status Network Token). The exact amount will be defined per session.

We’d like to make such sessions recurring and open to more testers, so even if you are not invited to the first round, stay tuned for future updates. You can apply to join bug hunting sessions by filling in this questionnaire.

If you can’t wait, then try our most recent nightly build here (only Android, build might be unstable). To get the stable release version on iOS, sign up for access via TestFlight here. For the Android stable release, simply download Status from the PlayStore

Out of scope: load and performance testing, localization, UX and UI improvements, new feature suggestions, bugs that can’t be reproduced 3 times in a row, iOS devices, emulators, bugs of third party services (see such services in https://www.iubenda.com/privacy-policy/45710059 )

Payouts: 1 high-severity issue 400 SNT, 1 medium-severity 250 SNT, low-severity are not paid. SNT's current value can be checked here. Bugs reported before or after session are not paid. Bugs reported by other contributors who were not selected for the first session are not paid. Bugs reported for other builds than specficied for the target session build are not paid.

Review and payouts: bug reports will be reviewed during session and 1 week after. You can expect to get payouts by August 21 as Ethereum transaction to the specified address.

The target build will have a TestFairy service enabled which sends screenshots and logs if the app is launched and a WiFi connection is used. We do not save your password, private key, or recovery phrase in the logs/screenshots. However, be aware that your interaction with app will be recorded and sensitive data should not be shared while you test. Here is a sample of such session.

High and medium severity bugs - examples

Critical severity (it’s highly unlikely that such bugs will be in the Target build as our internal testers will check it first). A critical severity bug is defind as a failure that impacts at least one of the core areas of the app: wallet, chat or dapps. It violates Status values (security, privacy, etc. as detailed in Basel), thus being a threat to our community's reputation. It usually has no workaround and we would not tolerate it in the next app release.
Good examples:https://github.com/status-im/status-react/issues/4818https://github.com/status-im/status-react/issues/5120